A shared folder or file is provided to its owner with group permissions, not owner permissions. This is especially problematic for a top-level share directory that has permissions 700. A share whose associated directory has those permissions cannot be mounted at all, even by its owner. Repeat by: 1. Find or create a file/folder on the server, somewhere within a share, with permissions 700 (rwx------). 2. Attempt to open the file/folder via the share client. Failure. 3. Back on the server, adjust permissions of the file/folder to 750 (rwxr-x---). 4. Attempt to view the file/folder via the share client. Success. 5. Verify Samba login username by placing a file on the share, then checking at the server to see if the username assigned to the new file matches the owner of the problematic file. Verified for user "fred" using the following smb.conf (stripped-down vanilla skeleton version) [global] workgroup = SAMBA security = user passdb backend = tdbsam printing = cups printcap name = cups load printers = yes cups options = raw [fred] comment = Fred's Directory path = /home/fred valid users = fred browseable = Yes read only = No Environment: Server is Mac Mini with clean install of Fedora 36 and Samba 4.16.1. Client is Mac Pro running MacOS "Mojave" 10.14.6. Previous installation of older Samba on Fedora 35 worked fine in this same environment, so possibly something new in 4.16.1?
Can you provide a debug level 10 log of the access failure please ? That will help track this down. Of interest will be the process token used by the smbd whilst trying to get access to the 0700 directory.
Created attachment 17288 [details] log.smbd, level 10, for mounting share (at 10:25:02) and attempting open of 700 file (at 10:25:15) This level 10 portion of log.smbd (4.16.1) shows: At 10:25:02 AM, user "burgess" (UID 1000) mounts share "pub" At 10:25:15 AM, user "burgess" attempts to open "foo.txt" Server-side listing of "pub: drwxrwxrwx. 2 root root 4096 May 13 10:20 pub Server-side listing of "foo.txt", a file located directly under "pub": -rwx------. 1 burgess burgess 32 May 13 10:20 foo.txt The response from MacOS "Mojave" 10.14.6 was "The document "foo.txt" could not be opened. You don't have permission." I hope this gives some clues!
Created attachment 17289 [details] log.smbd, level 10, for mounting share (at 12:24:05) and opening of 750 file (at 12:24:12) This level 10 portion of log.smbd (4.16.1) shows: At 12:24:05 PM, user "burgess" (UID 1000) mounts share "pub" At 12:24:12 PM, user "burgess" successfully opens file "bar.txt" Server-side listing of "pub": drwxrwxrwx. 2 root root 4096 May 13 10:20 pub Server-side listing of "bar.txt", a file located directly under "pub": -rwxr-x---. 1 burgess burgess 32 May 13 12:21 bar.txt Upon double-clicking the file, MacOS "Mojave" 10.14.6 successfully opened the file and displayed the contents. The only changes between the previous log and this one are the different filename (bar.txt instead of foo.txt, to avoid any caching issues) and the fact that bar.txt was set with server-side protections of 750 instead of 700.
This bug has gone away after a "dnf update" operation under Fedora 36. The update did NOT include any named samba components. I hereby invite the maintainers to change the status of this issue, if they wish. For posterity and interest, below is a list of the packages that were involved in this update that, apparently, somehow made this problem go away. The previous kernel before the update, and under which the reported issue manifested, was 5.17.6-300.fc36.x86_64. Whether that has anything to do with anything, I have no idea. Many thanks for all you do and your willingness to explore reported issues! ================================================================================ Package Arch Version Repo Size ================================================================================ Installing: kernel x86_64 5.17.8-300.fc36 updates 164 k Upgrading: NetworkManager x86_64 1:1.38.0-1.fc36 updates 2.1 M NetworkManager-adsl x86_64 1:1.38.0-1.fc36 updates 26 k NetworkManager-bluetooth x86_64 1:1.38.0-1.fc36 updates 53 k NetworkManager-libnm x86_64 1:1.38.0-1.fc36 updates 1.7 M NetworkManager-ppp x86_64 1:1.38.0-1.fc36 updates 36 k NetworkManager-team x86_64 1:1.38.0-1.fc36 updates 30 k NetworkManager-wifi x86_64 1:1.38.0-1.fc36 updates 127 k NetworkManager-wwan x86_64 1:1.38.0-1.fc36 updates 59 k anaconda-core x86_64 36.16.5-2.fc36 updates 2.2 M anaconda-gui x86_64 36.16.5-2.fc36 updates 454 k anaconda-tui x86_64 36.16.5-2.fc36 updates 192 k anaconda-widgets x86_64 36.16.5-2.fc36 updates 133 k authselect x86_64 1.4.0-1.fc36 updates 139 k authselect-libs x86_64 1.4.0-1.fc36 updates 234 k blivet-data noarch 1:3.4.4-1.fc36 updates 110 k clutter-gst3 x86_64 3.0.27-9.fc36 updates 84 k cockpit x86_64 269-1.fc36 updates 43 k cockpit-bridge x86_64 269-1.fc36 updates 484 k cockpit-networkmanager noarch 269-1.fc36 updates 520 k cockpit-packagekit noarch 269-1.fc36 updates 589 k cockpit-selinux noarch 269-1.fc36 updates 214 k cockpit-storaged noarch 269-1.fc36 updates 595 k cockpit-system noarch 269-1.fc36 updates 2.3 M cockpit-ws x86_64 269-1.fc36 updates 1.3 M dbus-broker x86_64 31-1.fc36 updates 176 k edk2-ovmf noarch 20220221gitb24306f15daa-4.fc36 updates 5.1 M evince x86_64 42.2-2.fc36 updates 1.6 M evince-djvu x86_64 42.2-2.fc36 updates 31 k evince-libs x86_64 42.2-2.fc36 updates 382 k evince-nautilus x86_64 42.2-2.fc36 updates 19 k evince-previewer x86_64 42.2-2.fc36 updates 35 k evince-thumbnailer x86_64 42.2-2.fc36 updates 18 k firefox x86_64 100.0.1-1.fc36 updates 103 M gdb-headless x86_64 12.1-1.fc36 updates 4.5 M glibc x86_64 2.35-9.fc36 updates 2.1 M glibc-common x86_64 2.35-9.fc36 updates 328 k glibc-gconv-extra x86_64 2.35-9.fc36 updates 1.6 M glibc-langpack-en x86_64 2.35-9.fc36 updates 583 k glusterfs x86_64 10.2-1.fc36 updates 613 k glusterfs-cli x86_64 10.2-1.fc36 updates 185 k glusterfs-client-xlators x86_64 10.2-1.fc36 updates 859 k glusterfs-fuse x86_64 10.2-1.fc36 updates 141 k gnome-classic-session noarch 42.1-2.fc36 updates 34 k gnome-remote-desktop x86_64 42.1.1-1.fc36 updates 210 k gnome-shell x86_64 42.1-2.fc36 updates 1.6 M gnome-shell-extension-apps-menu noarch 42.1-2.fc36 updates 17 k gnome-shell-extension-common noarch 42.1-2.fc36 updates 135 k gnome-shell-extension-launch-new-instance noarch 42.1-2.fc36 updates 11 k gnome-shell-extension-places-menu noarch 42.1-2.fc36 updates 16 k gnome-shell-extension-window-list noarch 42.1-2.fc36 updates 24 k gtk-update-icon-cache x86_64 3.24.34-1.fc36 updates 34 k gtk3 x86_64 3.24.34-1.fc36 updates 4.9 M gtk4 x86_64 4.6.4-1.fc36 updates 4.8 M gtksourceview5 x86_64 5.4.1-2.fc36 updates 996 k iwl100-firmware noarch 39.31.5.1-132.fc36 updates 137 k iwl1000-firmware noarch 1:39.31.5.1-132.fc36 updates 248 k iwl105-firmware noarch 18.168.6.1-132.fc36 updates 216 k iwl135-firmware noarch 18.168.6.1-132.fc36 updates 225 k iwl2000-firmware noarch 18.168.6.1-132.fc36 updates 219 k iwl2030-firmware noarch 18.168.6.1-132.fc36 updates 227 k iwl3160-firmware noarch 1:25.30.13.0-132.fc36 updates 2.5 M iwl3945-firmware noarch 15.32.2.9-132.fc36 updates 78 k iwl4965-firmware noarch 228.61.2.24-132.fc36 updates 91 k iwl5000-firmware noarch 8.83.5.1_1-132.fc36 updates 362 k iwl5150-firmware noarch 8.24.2.2-132.fc36 updates 134 k iwl6000-firmware noarch 9.221.4.1-132.fc36 updates 153 k iwl6000g2a-firmware noarch 18.168.6.1-132.fc36 updates 334 k iwl6000g2b-firmware noarch 18.168.6.1-132.fc36 updates 340 k iwl6050-firmware noarch 41.28.5.1-132.fc36 updates 292 k iwl7260-firmware noarch 1:25.30.13.0-132.fc36 updates 15 M iwlax2xx-firmware noarch 20220509-132.fc36 updates 39 M libbpf x86_64 2:0.7.0-3.fc36 updates 159 k libertas-usb8388-firmware noarch 2:20220509-132.fc36 updates 102 k libgfapi0 x86_64 10.2-1.fc36 updates 91 k libgfrpc0 x86_64 10.2-1.fc36 updates 57 k libgfxdr0 x86_64 10.2-1.fc36 updates 31 k libglusterd0 x86_64 10.2-1.fc36 updates 14 k libglusterfs0 x86_64 10.2-1.fc36 updates 299 k librsvg2 x86_64 2.54.3-1.fc36 updates 3.6 M linux-firmware noarch 20220509-132.fc36 updates 203 M linux-firmware-whence noarch 20220509-132.fc36 updates 49 k mutter x86_64 42.1-2.fc36 updates 2.4 M network-manager-applet x86_64 1.26.0-2.fc36 updates 199 k nm-connection-editor x86_64 1.26.0-2.fc36 updates 818 k osinfo-db noarch 20220516-1.fc36 updates 257 k ostree x86_64 2022.3-3.fc36 updates 234 k ostree-libs x86_64 2022.3-3.fc36 updates 432 k pcsc-lite x86_64 1.9.7-1.fc36 updates 93 k pcsc-lite-libs x86_64 1.9.7-1.fc36 updates 28 k pipewire x86_64 0.3.51-2.fc36 updates 39 k pipewire-alsa x86_64 0.3.51-2.fc36 updates 62 k pipewire-gstreamer x86_64 0.3.51-2.fc36 updates 61 k pipewire-jack-audio-connection-kit x86_64 0.3.51-2.fc36 updates 135 k pipewire-libs x86_64 0.3.51-2.fc36 updates 1.6 M pipewire-pulseaudio x86_64 0.3.51-2.fc36 updates 27 k pipewire-utils x86_64 0.3.51-2.fc36 updates 331 k python3-blivet noarch 1:3.4.4-1.fc36 updates 811 k rit-meera-new-fonts noarch 1.3-1.fc36 updates 180 k rsync x86_64 3.2.4-1.fc36 updates 400 k rsyslog x86_64 8.2204.0-1.fc36 updates 781 k switcheroo-control x86_64 2.5-1.fc36 updates 39 k vim-common x86_64 2:8.2.4975-1.fc36 updates 7.0 M vim-data noarch 2:8.2.4975-1.fc36 updates 27 k vim-default-editor noarch 2:8.2.4975-1.fc36 updates 20 k vim-enhanced x86_64 2:8.2.4975-1.fc36 updates 1.9 M vim-filesystem noarch 2:8.2.4975-1.fc36 updates 22 k vim-minimal x86_64 2:8.2.4975-1.fc36 updates 724 k wireplumber x86_64 0.4.10-1.fc36 updates 80 k wireplumber-libs x86_64 0.4.10-1.fc36 updates 318 k Installing dependencies: kernel-core x86_64 5.17.8-300.fc36 updates 46 M kernel-modules x86_64 5.17.8-300.fc36 updates 53 M